Affaan Mustafa
5c4570baa5
Merge pull request #1370 from affaan-m/dependabot/github_actions/softprops/action-gh-release-3.0.0
...
build(deps): bump softprops/action-gh-release from 2.6.1 to 3.0.0
2026-04-13 00:30:59 -07:00
Affaan Mustafa
db8247d701
chore: update release action version comments
2026-04-12 23:54:26 -07:00
Affaan Mustafa
28edd197c2
fix: harden release surface version and packaging sync ( #1388 )
...
* fix: keep ecc release surfaces version-synced
* fix: keep lockfile release version in sync
* fix: remove release version drift from locks and tests
* fix: keep root release metadata version-synced
* fix: keep codex marketplace metadata version-synced
* fix: gate release workflows on full metadata sync
* fix: ship all versioned release metadata
* fix: harden manual release path
* fix: keep localized release docs version-synced
* fix: sync install architecture version examples
* test: cover shipped plugin metadata in npm pack
* fix: verify final npm payload in release script
* fix: ship opencode lockfile in npm package
* docs: sync localized release highlights
* fix: stabilize windows ci portability
* fix: tighten release script version sync
* fix: prefer repo-relative hook file paths
* fix: make npm pack test shell-safe on windows
2026-04-12 22:33:32 -07:00
dependabot[bot]
5ae63b301f
build(deps): bump softprops/action-gh-release from 2.6.1 to 3.0.0
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.6.1 to 3.0.0.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](153bb8e044...b430933298support@github.com >
2026-04-12 04:52:35 +00:00
Affaan Mustafa
4967dad08c
ci: gate releases on opencode payload verification
2026-04-06 14:08:08 -07:00
dependabot[bot]
87363f0e59
chore(deps): bump actions/checkout from 4.3.1 to 6.0.2 ( #1060 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.3.1 to 6.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](34e114876b...de0fac2e45support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Affaan Mustafa <me@affaanmustafa.com >
2026-03-31 14:07:40 -07:00
Andriy Kalashnykov
46f37ae4fb
chore: pin actions to commit SHAs and add Skills section to CLAUDE.md
...
Pin all GitHub Actions to commit SHAs instead of mutable version tags
across ci.yml, release.yml, maintenance.yml, and all reusable workflows.
This prevents supply-chain attacks via tag hijacking.
Add the required Skills section to CLAUDE.md mapping project files
(README.md, .github/workflows/*.yml) to their respective review skills.
2026-03-29 17:16:56 -04:00
dagecko
28a1fbc3f2
fix: pin 6 actions to commit SHA, extract 1 expression to env var
2026-03-28 15:57:55 -04:00
Affaan Mustafa
48b883d741
feat: deliver v1.8.0 harness reliability and parity updates
2026-03-04 14:48:06 -08:00
ericcai
d2191d09a2
fix: sync plugin.json version with latest tag ( #171 )
...
Sync plugin.json version to 1.4.1, add CI check to verify versions match on release, and add release.sh script. Fixes #170 .
2026-02-08 16:18:49 -08:00
Roei Bar Aviv
7c0bc25982
feat: add comprehensive CI/CD pipeline
...
Adds GitHub Actions workflows for CI, maintenance, and releases with multi-platform testing matrix.
2026-01-28 23:05:43 -08:00
